25 matches found
mfi-cn.com Cross Site Scripting vulnerability OBB-3213125
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2016-5105
The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...
SUSE CVE-2017-5856
Memory leak in the megasashandledcmd function in hw/scsi/megasas.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption via MegaRAID Firmware Interface MFI commands with the sglist size set to a value over 2 Gb...
Design/Logic Flaw
Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lea...
CVE-2021-40526
Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lea...
CVE-2021-40526
CVE-2021-40526 describes an incorrect calculation of buffer size in Peleton TTR01 (including PTV55G), enabling a remote attacker to trigger a Denial of Service via a heap overflow in the GymKit-related network server. Impact stated: Apple MFI devices may fail to authenticate with the Peleton Bike...
Peleton TTR01 安全漏洞
The Peleton TTR01 is a wireless device. A security vulnerability exists in the Peleton TTR01 including the PTV55G that allows remote attackers to exploit a heap overflow in the web server that handles Apple's GymKit communications to trigger a denial of service attack via the GymKit daemon. This...
CVE-2017-5856
Memory leak in the megasashandledcmd function in hw/scsi/megasas.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption via MegaRAID Firmware Interface MFI commands with the sglist size set to a value over 2 Gb...
DEBIAN-CVE-2017-5856
Memory leak in the megasashandledcmd function in hw/scsi/megasas.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption via MegaRAID Firmware Interface MFI commands with the sglist size set to a value over 2 Gb...
Memory corruption
Memory leak in the megasashandledcmd function in hw/scsi/megasas.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption via MegaRAID Firmware Interface MFI commands with the sglist size set to a value over 2 Gb...
CVE-2017-5856
Memory leak in the megasashandledcmd function in hw/scsi/megasas.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption via MegaRAID Firmware Interface MFI commands with the sglist size set to a value over 2 Gb...
CVE-2017-5856
Memory leak in the megasashandledcmd function in hw/scsi/megasas.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption via MegaRAID Firmware Interface MFI commands with the sglist size set to a value over 2 Gb...
CVE-2017-5856
CVE-2017-5856 affects QEMU megasas SAS emulation: memory leak in megasas_handle_dcmd() in hw/scsi/megasas.c allows a local privileged guest to cause host memory consumption (DoS) via MegaRAID Firmware Interface (MFI) commands with sglist sizes exceeding 2 GB. Connected documents confirm the vulne...
CVE-2016-5105
The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...
CVE-2016-5105
CVE-2016-5105 affects QEMU when MegaRAID SAS 8708EM2 HBA emulation is enabled. The megasas_dcmd_cfg_read path uses an uninitialized variable, enabling a local guest administrator to read host memory via MFI command vectors. Files in connected docs (IBM PowerKVM bulletin and SUSE/OpenSUSE advisori...
CVE-2016-5106
The megasasdcmdsetproperties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service out-of-bounds write access via vectors involving a MegaRAID Firmware Interface MFI command...
Ubiquiti Administration Portal - Remote Command Execution (via Cross-Site Request Forgery)
Ubiquiti Administration Portal - Remote Command Execution via Cross-Site Request Forgery !-- KL-001-2016-002 : Ubiquiti Administration Portal CSRF to Remote Command Execution Title: Ubiquiti Administration Portal CSRF to Remote Command Execution Advisory ID: KL-001-2016-002 Publication Date:...
Ubiquiti Administration Portal CSRF / Remote Command Execution
KL-001-2016-002 : Ubiquiti Administration Portal CSRF to Remote Command Execution Title: Ubiquiti Administration Portal CSRF to Remote Command Execution Advisory ID: KL-001-2016-002 Publication Date: 2016.06.28 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-002.txt 1...
Ubiquiti Administration Portal - Remote Command Execution (via Cross-Site Request Forgery)
Exploit for hardware platform in category web applications !-- KL-001-2016-002 : Ubiquiti Administration Portal CSRF to Remote Command Execution Title: Ubiquiti Administration Portal CSRF to Remote Command Execution Advisory ID: KL-001-2016-002 Publication Date: 2016.06.28 Publication URL:...
Ubiquiti Administration Portal - Remote Command Execution (via Cross-Site Request Forgery)
!-- KL-001-2016-002 : Ubiquiti Administration Portal CSRF to Remote Command Execution Title: Ubiquiti Administration Portal CSRF to Remote Command Execution Advisory ID: KL-001-2016-002 Publication Date: 2016.06.28 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-002.tx...